import hvac


def create_coin_token(client):
    client.sys.enable_secrets_engine(
        backend_type='kv', path='coin_key_high', options={'version': 2})
    client.sys.enable_secrets_engine(
        backend_type='kv', path='coin_key', options={'version': 2})
    client.sys.enable_secrets_engine(
        backend_type='kv', path='dex_key_high', options={'version': 2})

    coin_key_high_meta_reader_policy = {
        'name': 'coin_key_high_meta_reader',
        'policy': """
            path "coin_key_high/metadata/*" {
                capabilities = ["read", "list"]
            }"""
    }
    coin_key_high_meta_writer_policy = {
        'name': 'coin_key_high_meta_writer',
        'policy': """
            path "coin_key_high/metadata/*" {
                capabilities = ["create", "read", "update", "delete", "list"]
            }"""
    }
    coin_key_meta_reader_policy = {
        'name': 'coin_key_meta_reader',
        'policy': """
            path "coin_key/metadata/*" {
                capabilities = ["read", "list"]
            }"""
    }
    coin_key_high_reader_policy = {
        'name': 'coin_key_high_reader',
        'policy': """
            path "coin_key_high/*" {
                capabilities = ["read", "list"]
            }"""
    }
    coin_key_high_writer_policy = {
        'name': 'coin_key_high_writer',
        'policy': """
            path "coin_key_high/*" {
                capabilities = ["create", "read", "update", "delete", "list"]
            }
        """
    }
    coin_key_reader_policy = {
        'name': 'coin_key_reader',
        'policy': """
            path "coin_key/*" {
                capabilities = ["read", "list"]
            }"""
    }
    coin_key_writer_policy = {
        'name': 'coin_key_writer',
        'policy': """
            path "coin_key/*" {
                capabilities = ["create", "read", "update", "delete", "list"]
            }
        """
    }
    dex_key_high_reader_policy = {
        'name': 'dex_key_high_reader',
        'policy': """
            path "dex_key_high/*" {
                capabilities = ["read", "list"]
            }"""
    }
    dex_key_high_writer_policy = {
        'name': 'dex_key_high_writer',
        'policy': """
            path "dex_key_high/*" {
                capabilities = ["create", "read", "update", "delete", "list"]
            }
        """
    }

    client.sys.create_or_update_policy(
        name=coin_key_high_meta_reader_policy['name'],
        policy=coin_key_high_meta_reader_policy['policy'],
    )
    client.sys.create_or_update_policy(
        name=coin_key_high_meta_writer_policy['name'],
        policy=coin_key_high_meta_writer_policy['policy'],
    )
    client.sys.create_or_update_policy(
        name=coin_key_meta_reader_policy['name'],
        policy=coin_key_meta_reader_policy['policy'],
    )
    client.sys.create_or_update_policy(
        name=coin_key_high_reader_policy['name'],
        policy=coin_key_high_reader_policy['policy'],
    )
    client.sys.create_or_update_policy(
        name=coin_key_high_writer_policy['name'],
        policy=coin_key_high_writer_policy['policy'],
    )
    client.sys.create_or_update_policy(
        name=coin_key_reader_policy['name'],
        policy=coin_key_reader_policy['policy'],
    )
    client.sys.create_or_update_policy(
        name=coin_key_writer_policy['name'],
        policy=coin_key_writer_policy['policy'],
    )
    client.sys.create_or_update_policy(
        name=dex_key_high_reader_policy['name'],
        policy=dex_key_high_reader_policy['policy'],
    )
    client.sys.create_or_update_policy(
        name=dex_key_high_writer_policy['name'],
        policy=dex_key_high_writer_policy['policy'],
    )

    coin_key_high_reader_token = client.auth.token.create(
        policies=[coin_key_high_reader_policy['name'],
                  coin_key_high_meta_reader_policy['name']])
    coin_key_high_writer_token = client.auth.token.create(
        policies=[coin_key_high_writer_policy['name'],
                  coin_key_high_meta_writer_policy['name']])
    coin_key_reader_token = client.auth.token.create(
        policies=[coin_key_reader_policy['name'],
                  coin_key_meta_reader_policy['name']])
    coin_key_writer_token = client.auth.token.create(
        policies=[coin_key_writer_policy['name'],
                  coin_key_meta_reader_policy['name']])
    dex_key_high_reader_token = client.auth.token.create(
        policies=[dex_key_high_reader_policy['name'],
                  dex_key_high_reader_policy['name']])
    dex_key_high_writer_token = client.auth.token.create(
        policies=[dex_key_high_writer_policy['name'],
                  dex_key_high_writer_policy['name']])


def create_fund_token(client):
    # enable engine
    client.sys.enable_secrets_engine(
        backend_type='kv', path='fund_key_high', options={'version': 2})

    # define policy
    fund_key_high_reader_policy = {
        'name': 'fund_key_high_reader',
        'policy': """
            path "fund_key_high/*" {
                capabilities = ["read", "list"]
            }"""
    }
    fund_key_high_writer_policy = {
        'name': 'fund_key_high_writer',
        'policy': """
            path "fund_key_high/*" {
                capabilities = ["create", "read", "update", "delete", "list"]
            }
        """
    }

    # create or update policy
    client.sys.create_or_update_policy(
        name=fund_key_high_reader_policy['name'],
        policy=fund_key_high_reader_policy['policy'],
    )
    client.sys.create_or_update_policy(
        name=fund_key_high_writer_policy['name'],
        policy=fund_key_high_writer_policy['policy'],
    )

    # create token
    fund_key_high_reader_token = client.auth.token.create(
        policies=[fund_key_high_reader_policy['name'],
                  fund_key_high_reader_policy['name']])
    print(fund_key_high_reader_token)
    fund_key_high_writer_token = client.auth.token.create(
        policies=[fund_key_high_writer_policy['name'],
                  fund_key_high_writer_policy['name']])
    print(fund_key_high_writer_token)


if __name__ == '__main__':
    client_ = hvac.Client(url='https://laksa.joomo.io:8200')
    assert client_.is_authenticated()
    create_fund_token(client_)
